Vulnerability Operations Engineer

Introduction

Join to play a pivotal role in transforming raw tool output into actionable insights. This position focuses on enhancing the vulnerability management operations through engineering, automation, and AI-driven solutions, reducing operational risks and delivering productivity gains across the security program.

Required Skills & Qualifications

• 5 years in a security engineering, detection engineering, SOAR, or security automation role with significant production coding responsibility.
• Strong Python skills, with demonstrated experience building integrations against REST APIs, working with structured data at scale, and shipping code to production.
• Hands-on experience with at least two of: Tenable, CrowdStrike, Wiz, Qualys, Rapid7, Splunk, or equivalent enterprise security platforms.
• Practical experience integrating LLMs into production workflows - direct API usage (Anthropic, OpenAI, or equivalent), prompt engineering for production reliability, and an understanding of failure modes including hallucination, prompt injection, and cost management.
• Comfortable working in CI/CD, infrastructure-as-code, and modern cloud environments.
• Clear written communication - capable of producing internal documentation, runbooks, and executive-ready summaries.
• Prior work experience at client or in client's Industry.

Applicants must be able to work directly for Artech on W2.

Preferred Skills & Qualifications

• Experience with agent frameworks (LangChain, LlamaIndex, or equivalent) and with retrieval-augmented generation patterns applied to security data.
• Background in SOAR development (Tines, Torq, Cortex XSOAR, Splunk SOAR) or detection-as-code workflows.
• Familiarity with the security tooling vendor landscape and ability to make pragmatic build-vs-buy recommendations.
• Prior work in a multi-tenant or multi-business-unit environment where data isolation and per-tenant reporting matter.
• Exposure to AI security risks - prompt injection, model abuse, data leakage - and approaches to mitigating them in production systems.

Day-to-Day Responsibilities

• Integration and automation across the security tooling stack, including data normalization, deduplication, and enrichment pipelines.
• AI-assisted reporting pipelines that transform tool output into business-unit-specific narratives for monthly metric reviews, replacing manual report assembly.
• LLM-integrated workflows for alert triage, vulnerability summarization, remediation guidance generation, and finding prioritization.
• Evaluation, prototyping, and operationalization of emerging AI security tools - including agentic testing platforms and AI-driven offensive security tooling - with clear, evidence-based recommendations on what to adopt.
• Ownership of the technical infrastructure behind monthly business unit metric reviews - dashboards, data quality, and the pipeline from tool to executive-ready output.
• Partnership with the vulnerability management lead to encode operational knowledge into automation, reducing single-person dependency on the function.
• Contributing to the AI governance posture for security operations - documenting prompts, model selection, validation approaches, and human-in-the-loop checkpoints.

For immediate consideration please click APPLY to begin the screening process with Alex.